qemu/tests/qtest/fuzz-virtio-scsi-test.c
   1/*
   2 * QTest fuzzer-generated testcase for virtio-scsi device
   3 *
   4 * Copyright (c) 2020 Li Qiang <liq3ea@gmail.com>
   5 *
   6 * This work is licensed under the terms of the GNU GPL, version 2 or later.
   7 * See the COPYING file in the top-level directory.
   8 */
   9
  10#include "qemu/osdep.h"
  11
  12#include "libqtest.h"
  13
  14/*
  15 * Here a MemoryRegionCache pointed to an MMIO region but had a
  16 * larger size than the underlying region.
  17 */
static void test_mmio_oob_from_memory_region_cache(void)
{
    QTestState *qts;
    uint64_t ring_addr;

    /*
     * Replay of a fuzzer-recorded access sequence against virtio-scsi.
     * The test contains no assertions of its own; presumably it fails
     * only if the QEMU process dies while the accesses are replayed.
     * The order and values of the accesses below are the reproducer and
     * must stay exactly as recorded.
     */
    qts = qtest_init("-M pc-q35-5.2 -m 512M "
                     "-device virtio-scsi,num_queues=8,addr=03.0 ");

    /*
     * Port I/O on 0xcf8/0xcfc.  On the PC machine these are the PCI
     * configuration address and data ports; the address values select
     * bus 0, device 3, function 0, which matches addr=03.0 above.
     * NOTE(review): the byte 0x6e stored at config offset 0x11 presumably
     * places an I/O BAR at 0x6e00, the base of the port writes to 0x6e08
     * and 0x6e10 further down -- confirm against the device model.
     */
    qtest_outl(qts, 0xcf8, 0x80001811);
    qtest_outb(qts, 0xcfc, 0x6e);
    /* No data-port access follows this address write before the next one. */
    qtest_outl(qts, 0xcf8, 0x80001824);
    qtest_outl(qts, 0xcf8, 0x80001813);
    qtest_outl(qts, 0xcfc, 0xa080000);
    qtest_outl(qts, 0xcf8, 0x80001802);
    qtest_outl(qts, 0xcfc, 0x5a175a63);

    /* First write into the 0x6e00 port range, then guest memory setup. */
    qtest_outb(qts, 0x6e08, 0x9e);
    qtest_writeb(qts, 0x9f003, 0xff);
    qtest_writeb(qts, 0x9f004, 0x01);
    qtest_writeb(qts, 0x9e012, 0x0e);
    qtest_writeb(qts, 0x9e01b, 0x0e);

    /*
     * The recorded trace stores 0x01 at every second byte from 0x9f006
     * through 0x9f030 inclusive, in ascending order (22 writes).
     */
    for (ring_addr = 0x9f006; ring_addr <= 0x9f030; ring_addr += 2) {
        qtest_writeb(qts, ring_addr, 0x01);
    }

    /*
     * Last access of the trace.
     * NOTE(review): presumably this is the write that makes the device
     * process the memory prepared above -- confirm.
     */
    qtest_outb(qts, 0x6e10, 0x00);
    qtest_quit(qts);
}
  62
int main(int argc, char **argv)
{
    int status;

    /* Hand the command line to the GLib test framework first. */
    g_test_init(&argc, &argv, NULL);

    /* The only case in this file: the virtio-scsi fuzzer reproducer. */
    qtest_add_func("fuzz/test_mmio_oob_from_memory_region_cache",
                   test_mmio_oob_from_memory_region_cache);

    /* The process exit status is whatever the test run reports. */
    status = g_test_run();
    return status;
}
  72